Linux, open source software, and more.

Main menu

Tag Archives: ssh

In this post I will demonstrate how to perform a backup of a disk partition over the network using dd and nc (netcat). I will also introduce the pv command, which may be new to you. The pv command can be installed by “sudo apt-get install pv”.

Lets assume that I have a laptop that I use for testing different linux distributions. It has multiple operating systems and multiple disk partitions. I want to backup my Fedora 12 partitions before installing Fedora 13. I will use dd and nc to copy the Fedora 12 disk partitions across my network to a fileserver.

My laptop: 192.168.140.64

My fileserver: 192.168.140.11

The partitions on the laptop that I want to backup are:

/dev/sda4 (Fedora 12 lvm, 14.7GB)

/dev/sda8 (Fedora 12 /boot ext4, 263MB)

If you are wondering how I obtained the partitions and sizes, I used “parted -l”.

We have all the information we need, now lets begin.

First we tell the fileserver to listen on an unused high numbered port. I’m choosing port 12345.

On the fileserver:

$ nc -l 12345 | pv -b -p -s 263m > laptop_sda8.img

Next we tell the laptop to begin copying data to the fileserver.

On the laptop:

$ sudo dd if=/dev/sda8 | nc 192.168.140.11 12345

If you are unfamiliar with the pv command, it reports the amount of data written to a pipe. We use it to give us a progress bar. The -b and -p option tells it to show progress in bytes. We use -s 263m to tell it that we are expecting to receive 263MB of data. This is needed to display the progress bar.

Here is what you will see on the fileserver side while data is being copied.

When the data finishes copying, you can use md5sum to verify your data. Run md5sum on the source and md5sum on the destination and compare the results. The two resulting numbers should be identical.

Now a word about security. Notice that I copied my data in the clear across the network. If I am copying my data across my home LAN, this is an acceptable risk to me. If I am copying data across the Internet or any network shared with other people, this is not an acceptable risk. In that case, an ssh tunnel should be used.

Here is how.

On the fileserver start the listener. Same as before.

$ nc -l 12345 | pv -b -p 263M > laptop_sda8.img

Let me explain a few things here. In our next set of commands we will open two terminal windows on the laptop. In the first window we will setup an ssh tunnel from the laptop to the fileserver. We will keep this tunnel open, while we use the second terminal window to run our data transfer.

Open two terminal windows on the laptop.

In terminal 1, establish an ssh tunnel to the fileserver, using a valid username@fileserver.

$ ssh -N -L 12345:localhost:12345 neil@192.168.140.11

In terminal 2, copy the data as before but this time the destination will be localhost port 12345. The data will be encrypted and sent through the ssh tunnel to the file server.

$ sudo dd if=/dev/sda8 | nc localhost 12345

Repeat these steps for the next partition (/dev/sda4).

When the copy has completed, you can end the ssh tunnel by using ctrl-c in terminal 1.

The ssh tunnel is secure but you give up speed and it requires extra processing power. That is why I only use the ssh tunnel when security is a concern.